Symantec Wants To Outlaw Publishing Virus Information

from the want-to-keep-it-all-to-themselves dept

Among the strategies discussed at a Congressional session on how to prevent viruses and worms from becoming a growing problem (something that is only going to get worse), the head of anti-virus firm Symantec came up with a somewhat backwards solution. He says it should be illegal to post any information about how to create a virus or a worm. In other words, make information less available. It's a classic "security through obscurity" plan that can't work. Fighting these things takes information. Locking down information doesn't mean that it won't spread, but that it will be spread underground. Thus, we'll be less safe, because we won't be nearly as aware of what the threats are.

Reader Comments

Knowledge is Power

How convenient for them to then have a monopoly of information on security. Sorry, too many Iranians, Pakistanis & Indians are involved in security products. I don't want to be forced to trust software corporations to protect me.

I have the right to know what could infect my computer , just as I have the right to enlighten myself about cancer, aids or a myriad of other afflictions.

Re: Knowledge is Power

"Sorry, too many Iranians, Pakistanis & Indians are involved in security products" --- yes and heavens knows they all share the same interests. I've heard recent talk that the two muslim countries and India are going put aside there differences, band together and take over the world.

No Subject Given

Funny, I thought their business model was to scare the crap out of everyone about viruses and then to sell virus control software. Without all these "Worm" and "Virus" scares (which are almost always blown out of proportion by someone in the anti-virus community), who would buy this stuff?

Re: Nobody gets it?

They want to ban 'how to make' virus information.

Or is it that they want to ban "how to make" virus information so that new competitors will not be able to have the same resources they had.

I think this is a very powerful anti-trust move on the part of Symantec. All they are going to do is make it difficult for anyone legitimately wanting the information since the once who are writing the viruses already have it or at least know where to get it.

The redundant law of redundancies

Uh, excuse me, but the DCMA already makes it illegal to publish circumventions of security mechanisms. Buffer overflows and untrusted code could easily be viewed in this light.

It's also quite illegal to publish viruses, though people seem confused as to if this means just the source code or releasing the complied code into the wild. There have been a few cases where "researchers" code accidently escaped into the wild. I believe the granddaddy of them all, the Morris worm, fell into this catagory.

I can tell you this: I was around during the Morris worm and if it had not been for independant technical analysis by univerity admins. people would have been lost. Remember, this was back when the FProt folks were the only anti-virus game in town and computer viruses/worms were considered an esoteric research topic of limit value in real life.